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Description 

Field of The Invention 

[0001] The present invention relates to a system and 5 
method for providing a user with subscriber content data 
utilizing a remote control device which interacts with a 
service provider and set-top box over respective trans- 
mission paths. More specifically, the remote control de- 
vice is smart card activated and enabled to provide a 
high level of security for the transmission of requests for 
subscriber content data and the transmission of the re- 
quested subscriber content data. 
[0002] As advances are made in communications, es- 
pecially wireless communications, and as efforts have 
been made to provide even more convenience for con- 
sumers, personal service providers have entered the 
homes and offices of their customers by providing their 
services by computer, television and other such multi- 
media terminals. 

[0003] Examples of such services offered in the home 
include, but are certainly not limited to, personal bank- 
ing, shopping and entertainment, which further includes 
pay-per-view programming and interactive video 
games. 

[0004] To that end, European Patent Application EP 
0 776 132 A2 describes an interactive television system 
in which service providers are able to provide services 
such as entertainment programs to users and also con- 
duct electronic user polls, by utilizing terminals which 
communicate bidirectionally with a central computer. 
Each user of a terminal in the system is able to request 
services or even participate in polling by using a remote 
control apparatus. Furthermore, each remote control 
apparatus is registered to the respective user thereof, 
so that any message data issued by the respective re- 
mote control apparatus is accompanied by identifier in- 
formation read out from a memory thereof for identifying 
the particular transmitting remote control apparatus. In- 
dividual user recognition by the remote control device 
can also be implemented using a plug-in iC card inter- 
face or fingerprint recognition section. 
[0005] More particularly, though the remote control 
apparatus has a personal information storage section, 
with a remote control apparatus identifier stored therein 
to identify that specific remote control apparatus. Thus, 
before sending any message data from a user's as- 
signed remote control apparatus, the user must first in- 
put a password in order to use the remote control appa- 
ratus. 

[0006] Further, the remote control apparatus may in- 
clude an encryption processing section by which the us- 
er's personal information can first be encrypted, and the 
encrypted code is then transmitted in place of the user's 
personal information in the transmitted data message. 
[0007] Further still, in an effort to prohibit unauthor- 
ized users from using the specifically assigned remote 
control apparatus, the remote control apparatus may al- 



so include an interface section, or receptacle, for a plug- 
in IC (integrated circuit) card which enables the IC to be 
electrically connected via a data input port to a CPU 
(central processing unit). Thus, a user of the remote 
control apparatus must first insert the appropriate IC into 
the interface section, so that the CPU can execute 
processing to compare identification data stored on the 
IC with the user-specifying code stored in the remote 
control apparatus, to thereby effect recognition of the 
authorized user. 

[0008] According to such embodiments, in order to re- 
quest services through an interactive television system, 
a user thereof must therefore use a specifically assigned 
remote control apparatus which has user personal in- 
formation stored therein in order to conduct interactive 
processing using a remote control apparatus. 
[0009] Thus, existing security features of the interac- 
tive television system utilizing remote control apparatus- 
es intended to prohibit non-designated users from using 
the specifically assigned remote control apparatus in- 
clude (1 ) having a user enter a password to the remote 
control apparatus in order to activate the remote control 
apparatus, (2) attaching encrypted user-identification 
information to data messages transmitted from the re- 
mote control apparatus, and (3) comparing user identi- 
fication information stored in the remote control appara- 
tus with user identification information stored in a CPU 
by mounting an IC on the remote control apparatus 
which is connected to the CPU in order to perform the 
user identification information comparison. 
[0010] However, the prior art is unable to ensure se- 
curity of interactive transactions, including data re- 
quests and data transmissions between the user of a 
remote control apparatus and a service provider. 

SUMMARY OF THE INVENTION 

[0011] Therefore, it is an object of the present inven- 
tion to provide an interactive multimedia personal serv- 
ice system in which a user utilizes a smart-card activat- 
ed and enabled remote control device to interact with a 
service provider, via a set-top box, utilizing respective 
transmission paths, to securely request and receive 
subscriber content data. 

[0012] According to a first aspect of the invention 
there is provided a method according to claim 1. 
[0013] According to a second aspect of the invention 
there is provided a system according to claim 16. 
[0014] According to a third aspect of the invention 
there is provided a method according to claim 2. 
[0015] According to a fourth aspect of the invention 
there is provided a system according to claim 17. 
[0016] The present invention relates to an interactive 
subscriber content data system which provides secure 
interaction between a user's remote control device, a 
set-top box and a service provider. An end user of the 
system holds a remote control device which may be a 
system-specific remote control device or a personal 
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hand-held device, a hand-held pager or a wireless tele- 
phone. 

[0017] The remote control device provides secure 
transmissions for requests of subscriber content data 
since the remote control device is activated by the in- 
sertion of a user's personalized smart card into a reader 
which has contacts which contact corresponding con- 
tacts on a surface of the smart card. The smart card in- 
cludes a security chip which includes personalized iden- 
tification information for activating the remote control de- 
vice, and further includes both a public key and a private 
key for encryption and decryption purposes, respective- 
ly- 

[0018] After the user has activated the remote control 
device by inserting his or her personalized smart card 
into the reader, the user enters a request for subscriber 
content data using a key-pad or a smart touch pad on 
the remote control device. The request for subscriber 
content data as well as the user's public key, which is 
stored on the user's smart card, are then transmitted to 
the service provider over a first transmission path which 
is a two-way transmission path which includes a short 
message service (SMS). 

[001 9] In response to the request for subscriber con- 
tent data from the user's remote control device, the fol- 
lowing embodiments are provided, although the inven- 
tion is not at all limited thereto. 
[0020] According to an embodiment of the first and 
second aspect of the invention, the service provider re- 
ceives the user's transmitted public key, encrypts a se- 
cret key corresponding to the service provider, and 
transmits the encrypted secret key corresponding to the 
service provider back to the remote control device, via 
the same two-way connection between the remote con- 
trol device and the service provider on which the request 
for the subscriber content data was originally transmit- 
ted. 

[0021] Upon receiving the encrypted secret key which 
has been encrypted using the user's public key from the 
service provider, the remote control device decrypts the 
service provider's secret key using the user's private key 
which is stored on the user's smart card. The remote 
control device then transmits the decrypted secret key 
corresponding to the service provider to a set-top box 
over a second transmission path which is a two-way 
connection between the remote control device and the 
set-top box. The two-way transmission path between 
the remote control device and the set-top box includes 
encrypted transmission connections such as a blue- 
tooth connection. 

[0022] The set-top box is a mufti-media terminal which 
receives the requested subscriber content data from the 
service provider over a third transmission path. The third 
transmission path is a one-way broadcasting path from 
the service provider to the set-top box including a digital 
video broadcasting transmission (DVB-T). The request- 
ed content data is decrypted at the set-top box after the 
set-top box has received both the subscriber content da- 



ta which has been encrypted by the service provider's 
secret key over the third transmission path and the de- 
crypted secret key corresponding to the service provider 
from the remote control device over the second trans- 
5 mission path. Then the encrypted requested subscriber 
content data is decrypted and is then ready for display 
and/or further interactive activity ordered by the user of 
the remote control device. 

[0023] According to an embodiment of the third and 
fourth aspect of the invention, after the request for sub- 
scriber content data and the user's public key have been 
transmitted from the user's remote control device to the 
service provider over the first transmission path, the 
service provider encrypts the secret key corresponding 
to the service provider using the user's transmitted pub- 
lic key and also encrypts the requested subscriber con- 
tent data using the secret key. Then, the service provider 
transmits to the set-top box both the encrypted secret 
key corresponding to the service provider which has 
been encrypted using the user's public key and the re- 
quested subscriber content data which has been en- 
crypted using the service provider's secret key. The 
transmission from the service provider to the set-top box 
is made over the third transmission path, which is the 
one-way transmission path from the service provider to 
the set-top box. 

[0024] The set-top box then transmits the encrypted 
secret key to the remote control device over the second 
transmission path which includes the two-way encrypt- 
ed connection between the set-top box and the remote 
control device. Upon receiving the encrypted secret key, 
the remote control device decrypts the service provid- 
er's secret key using the user's private key which is 
stored on the user's smart card. The remote control de- 
vice then transmits the decrypted secret key corre- 
sponding to the service provider back to the set-top box 
over the second transmission path, thus enabling the 
encrypted su bscriber content data to be decrypted at the 
set-top box using the service provider's secret key. The 
decrypted subscriber content data is then ready for dis- 
play and/or further interactive activity ordered by the us- 
er of the remote control device. 
[0025] It is noted that the transmission paths de- 
scribed above connecting the remote control device and 
the service provider, the remote control device and the 
set-top box, and the service provider and the set-top 
box, respectively, are the same for both embodiments 
described above. 



[0026] The scope of the present invention will be ap- 
parent from the following detailed description, when tak- 
en in conjunction with the accompanying drawings, and 
such detailed description, while indicating preferred em- 
bodiments of the invention, are given as illustrations on- 
ly, since various changes and modifications within the 
spirit and scope of the invention will become apparent 
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to those skilled in the art from this detailed description, 
in which: 

Fig. 1 shows a box-chart corresponding to a system 
embodiment of the present invention; 
Fig. 2 shows a flowchart of the processing accord- 
ing to a first method embodiment of the present in- 
vention; and 

Fig. 3 shows a flowchart of the processing accord- 
ing to a second method embodiment of the present 
invention. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

[0027] In the detailed description of the subject inven- 
tion which follows, when appropriate, like reference nu- 
merals and characters may be used to designate iden- 
tical, corresponding or similar components in different 
figure drawings. Furthermore, example sizes/models/ 
values/ranges may be given, although the present in- 
vention is not intended to be so limited. 
[0028] According to an example embodiment of the 
present invention, an interactive subscriber content data 
system provides secure interaction between a user's re- 
mote control device, a set-top box and a service provid- 
er. As shown in Fig. 1 , for example, an end user of the 
system holds a remote control device 1 which may be a 
system-specific remote control device or a personal 
hand-held device including, but not limited to, a hand- 
held pager or a wireless telephone. 
[0029] The remote control device 1 provides secure 
transmissions for requests of subscriber content data 
since the remote control device 1 is activated by the in- 
sertion of a user's personalized smart card 5 into the 
remote control device 1 where it is read. The smart card 
5 includes a security chip which includes personalized 
identification information for activating the remote con- 
trol device, and further includes both a public key 7 and 
a private key 8 for encryption and decryption purposes, 
respectively. 

[0030] Figs. 2 and 3, described below, represent two 
example method embodiments of the present invention 
for securely requesting and receiving subscriber content 
data utilizing the system of Fig. 1 described above, al- 
though the present invention is not limited only to such 
descriptions. 

[0031] The method embodiments described in both 
Figs. 2 and 3 start with step 100 whereby a user has 
activated a remote control device by reading the user's 
personalized smart card 5. The subsequent steps of the 
method embodiment of Fig. 2 will be described next. In 
step 200, the user enters a request for subscriber con- 
tent data using a key-pad or a smart touch pad on the 
remote control device 1 . The request for subscriber con- 
tent data as well as the user's public key 7, which is 
stored on the user's smart card 5, are then both trans- 
mitted to the service provider 2 over a first transmission 



path 10 which is a two-way transmission path which in- 
cludes, but is not limited to, a short message service 
(SMS). The first transmission path may be in accord- 
ance with diverse types of transmission mechanisms in- 

5 eluding, but not limited to, GSM, CDMA, UMTS, etc. 
SMS is a type of pager service within the Global System 
for Mobile Communications (GSM) mobile phone sys- 
tem that supports messages up to 160 characters in 
length. SMS supports binary formats, and messages 

10 ride on a separate signaling path so they are transmitted 
simultaneously with voice, data and fax. GSM is a digital 
cellular phone technology based on Time Division Mul- 
tiple Access system (TDMA) that is widely deployed in 
Europe and throughout the world, operating in the 1.8 

*s to 1 .9 GHz band, compared to 800-900MHz for other 
cellular systems. TDMA is a satellite and cellular phone 
technology that interleaves multiple digital signals onto 
a single high-speed channel. 

[0032] The service provider 2 receives the user's 

20 transmitted public key, and, in step 200, encrypts a se- 
cret key 9 corresponding to the service provider and 
transmits the encrypted secret key 9 corresponding to 
the service provider back to the remote control device, 
via the same two-way connection between the remote 

25 control device and the service provider on which the re- 
quest for the subscriber content data was originally 
transmitted. Step 200 may also include the encryption 
of the requested subscriber content data by the service 
provider using the user's transmitted public key 7, and 

30 the further transmission of the encrypted requested con- 
tent data to the set-top box 3 from the service provider 2 . 
[0033] Upon receiving the encrypted secret key 9 
which has been encrypted using the user's public key 
from the service provider, in step 21 0 the remote control 

35 device decrypts the service provider's secret key 9 using 
the user's private key 8 which is stored on the user's 
smart card 5. In step 220, the remote control device 1 
then transmits the decrypted secret key 9 corresponding 
to the service provider to a set-top box 3 over a second 

40 transmission path 20 which is a two-way connection be- 
tween the remote control device 1 and the set-top box 
3. The two-way transmission path 20 between the re- 
mote control device 1 and the set-top box 3 includes, 
but is not limited to, encrypted transmission connections 

<5 such as a bluetooth connection. Bluetooth protocol is a 
radio frequency protocol having a radio frequency range 
of 1 00m to 1 000m. 

[0034] Furthermore, the set-top box 3 is a multi-media 
terminal which receives, in step 200, the encrypted re- 

so quested subscriber content data from the service pro- 
vider over a third transmission path 30. The third trans- 
mission path 30 is a one-way broadcasting path from 
the service provider to the set-top box including, but not 
limited to, a digital video broadcasting transmission 

55 (DVB-T). DVB is an international digital broadcast 
standard for TV, audio and data which can be broadcast 
via satellite, cable or terrestrial systems. 
[0035] If the first transmission path 1 0 is not available 
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for any reason, as an alternative when the remote con- 
troller is used, a fourth path (not illustrated), which per- 
forms the function of the first path, may be used which 
is comprised of the second path 20 and a telephone mo- 
dem connection between the set top box 3 and the serv- 
ice providers. The set-top box 3 may include a wireless 
modem. 

[0036] The encrypted requested content data is de- 
crypted at the set-top box 3 after the set-top box 3 has 
received both the subscriber content data which has 
been encrypted by the service provider's secret key 9 
over the third transmission path 30 (step 200) and the 
decrypted secret key 9 corresponding to the service pro- 
vider from the remote control device 1 over the second 
transmission path 20 (step 220). Then in step 230 the 
encrypted requested subscriber content data is decrypt- 
ed using the service provider's secret key 9 and is then 
ready for display and/or further interactive activity or- 
dered by the user of the remote control device, as shown 
by step 240. 

[0037] In a second method embodiment of the 
present invention, as shown in Fig. 3, after the step 1 00 
request for subscriber content data and the user's public 
key 7 have been transmitted from the user's remote con- 
trol device 1 to the service provider 2 over the first trans- 
mission path 1 0, in step 300 the service provider 2 trans- 
mits to the set-top box 3 the secret key 9 corresponding 
to the service provider 2 which is encrypted using the 
user's transmitted public key 7 and the requested sub- 
scriber content data which is encrypted using the secret 
key 9. The service provider 2 transmits the encrypted 
secret key 9 and the encrypted requested subscriber 
content data over one-way third transmission path 300, 
which is described above. 

[0038] In step 310, the set-top box 3 then transmits 
the encrypted secret key 9 to the remote control device 
1 over the second transmission path 20. Upon receiving 
the encrypted secret key 9, in step 320 the remote con- 
trol device 1 decrypts the service provider's secret key 
9 using the user's private key 8 which is stored on the 
user's smart card 5. It should be noted that for all method 
embodiments, including but not limited to those shown 
in Figs. 2 and 3, the smart card 5 may either remain in- 
serted in the remote control device 1 or the smart card 
5 may be read by the remote control device .1 with the 
personal information of the user, including the user's 
public key 7 and private key 8 being downloaded onto 
the process 6 of the remote control device 1 . 
[0039] In step 330, the remote control device 1 trans- 
mits the decrypted secret key 9 corresponding to the 
service provider 2 back to the set-top box 3 over the 
second transmission path 20, thus enabling step 340 
whereby the encrypted subscriber content data to be de- 
crypted at the set-top box 3 using the service provider's 
secret key 9. The decrypted subscriber content data is 
then ready for display and/or further interactive activity 
ordered by the user of the remote control device, as 
shown by step 350. 



[0040] Thus, the present invention in a preferred em- 
bodiment utilizes cryptography keys stored in personal- 
ized smart cards in combination with cryptography keys 
corresponding to respective service providers, to enable 
5 a user to use a remote control device to securely request 
subscriber content data from a service provider and se- 
curely receive the requested subscriber content data 
from the service provider. 

[0041] While the present invention has been de- 
10 scribed in detail and pictorially in the accompanying 
drawings, it is not limited to such details since many 
changes and modifications may be made thereto with- 
out departing from the scope of the present claims. For 
example, the transfer of keys over the second transmis- 
*5 sion path 20 could be eliminated if the content data is 
encrypted or decrypted on the smart card. It is intended 
that all such modifications fall within the scope of the 
following claims. 

20 

Claims 

1 . A method for providing content data from a service 
provider to a requesting end user, said method com- 

25 prising the steps of: 

transmitting, through a first transmission path, 
from a remote control device corresponding to 
said end user to a service provider, a public key 
30 and a request for content data; 

transmitting, through said first transmission 
path, a secret key encrypted by said public key 
from said service provider to said remote con- 
trol device; 

35 receiving said secret key encrypted by said 

public key from said service provider at said re- 
mote control device; 

decrypting, at said remote control device, the 
secret key using a private key corresponding to 

40 said public key of said end user; 

transmitting, through a second transmission 
path, from said remote control device to a set- 
tdp box, the decrypted secret key correspond- 
ing to said service provider; 

45 transmitting, through a third transmission path, 

from said service provider to said set-top box, 
the requested content data encrypted by said 
secret key; and 

decrypting the encrypted content data, by said 
50 set-top box, using the secret key corresponding 

to said service provider. 

2. A method for providing content data from a service 
provider to a requesting end user, said method com- 

55 prising the steps of: 

transmitting, through a first transmission path, 
from a remote control device to a service pro- 



9 



EP1 150 506 A2 



10 



vider, a public key and a request for content da- 
ta; 

transmitting, through a third transmission path, 
from said service provider to a set-top box, a 
secret key corresponding to said service pro- 
vider encrypted by said public key and the re- 
. quested content data encrypted by said secret 
key; 

transmitting, through a second transmission 
path, from said set-top box to said remote con- 
trol device, the encrypted secret key corre- 
sponding to said service provider; 
decrypting, by said remote control device, said 
secret key corresponding to said service pro- 
vider using a private key corresponding to said 
public key of said end user; 
transmitting, through said second transmission 
path, from said remote control device to said 
set-top box, the decrypted secret key corre- 
sponding to said service provider; and 
decrypting, by said set-top box, the encrypted 
content data using the secret key correspond- 
ing to said service provider. 

3. A method according to Claim 1 or 2, wherein said 
first transmission path is a two-way data or messag- 
ing connection between said remote control device 
and said service provider. 

4. A method according to Claim 3, wherein said two- 
way TDMA connection is a two-way GSM (Global 
System for Mobile Communications) connection 
between said remote control device and said serv- 
ice provider. 

5. A method according to Claim 4, wherein said two- 
way GSM connection is a two-way SMS (Short Mes- 
sage Service) connection between said remote 
control device and said service provider. 

6. A method according to Claim 1 or 2, wherein said 
second transmission path is encrypted. 

7. A method according to Claim 6, wherein said sec- 
ond transmission path is a two-way bluetooth con- 
nection between said remote control device and 
said set-top box. 

8. A method according to Claim 1 or 2, wherein said 
third transmission path is a one-way transmission 
path from said service provider to said set-top box. 

9. A method according to Claim 8, wherein said one- 
way transmission path is a DVB (Digital Video 
Broadcasting) transmission path. 

10. A method according to Claim 1 or 2, wherein said 
remote control device is activated by a smart card, 



and said smart card stores said public key and said 
private key corresponding to said end user. 

11. A method according to Claim 1 or 2, wherein said 
5 set-top box is a multi-media terminal. 

12. A method according to Claim 11 .wherein said multi- 
media terminal is an electronic notebook. 

10 13. A method according to Claim 11 .wherein said multi- 
media terminal is a television set. 

14. A method according to Claim 1 or 2, wherein said 
remote control device is a hand-held pager. 

A method according to Claim 1 or 2, wherein said 
remote control device is a telephone. 

1 6. A subscriber data content service receiving system, 
comprising: 

a remote control device corresponding to an 
end user; 
a set-top box; and 
a service provider; 
wherein: 

said remote control device is configured to 
transmit to a service provider, through a 
first transmission path, a public key and a 
request for content data; 
said service provider is configured to trans- 
mit to said remote control device, through 
said first transmission path, a secret key 
encrypted by said public key; 
said remote control device is configured to 
receive said secret key encrypted by said 
public key from said service provider; 
said remote control device is configured to 
decrypt said secret key using a private key 
corresponding to said public key of said 
end user; 

said remote control device is configured to 
transmit to said set-top box, through a sec- 
ond transmission path, the decrypted se- 
cret key corresponding to said service pro- 
vider; 

said service provider is configured to trans- 
mit to said set-top box, through a third 
transmission path, the requested content 
data encrypted by said secret key; and 
said set-top box is configured to decrypt 
the encrypted content data using the secret 
key corresponding to said service provider. 

1 7. A subscriber data content service receiving system, 
comprising: 
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a remote control device corresponding to an 

end user; 

a set-top box; and 

a service provider; 

wherein: 

said remote control device is configured to 
transmit to a service provider, through a 
first transmission path, a public key and a 
request for content data; 
said service provider is configured to trans- 
mit to a set-top box, through a third trans- 
mission path, a secret key corresponding 
to said service provider encrypted by said 
public key and the requested content data 
encrypted by said secret key; 
said set-top box is configured to transmit to 
said remote control device, through a sec- 
ond transmission path, the encrypted se- 
cret key; 

said remote control device is configured to 
decrypt said secret key corresponding to 
said service provider using a private key 
corresponding to said public key of said 
end user; 

said remote control device is configured to 
transmit to said set-top box, through said 
second transmission path, the decrypted 
secret key corresponding to said service 
provider; and 

said set-top box is configured to decrypt 
the encrypted content data using the secret 
key corresponding to said service provider. 

18. A system according to Claim 1 6 or 1 7, wherein said 
first transmission path is a two-way TDMA connec- 
tion between said remote control device and said 
service provider. 

19. A system according to Claim 1 8, wherein said TD- 
MA connection is a two-way GSM (Global System 
for Mobile Communications) connection between 
said remote control device and said service provid- 
er. 

20. A system according to Claim 1 9, wherein said GSM 
connection is a two-way SMS (Short Message Serv- 
ice) connection between said remote control device 
and said service provider. 

21 . A system according to Claim 1 6 or 1 7, wherein said 
second transmission path is encrypted. 

22. A system according to Claim 21 , wherein said sec- 
ond transmission path is a two-way bluetooth con- 
nection between said remote control device and 
said set-top box. 



23. A system according to Claim 1 6 or 1 7, wherein said 
third transmission path is a one-way transmission 
path from said service provider to said set-top box. 

5 24. A system according to Claim 23, wherein said one- 
way transmission path is a DVB (Digital Video 
Broadcasting) transmission path. 

25. A system according to Claim 1 6 or 1 7, wherein said 
*0 remote control device is configured to be activated 
by a smart card, and said smart card is configured 
to store said public key and said private key corre- 
sponding to said end user. 

^5 26. A system according to Claim 1 6 or 1 7, wherein said 
set-top box is a multi-media terminal. 

27. A system according to Claim 26, wherein said multi- 
media terminal is an electronic notebook. 

20 

28. A system according to Claim 26, wherein said multi- 
media terminal is a television set. 

29. A system according to Claim 1 6 or 1 7, wherein said 
25 remote control device is a hand-held pager. 

30. A system according to Claim 1 6 or 1 7, wherein said 
remote control device is a telephone. 
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